The Department for Work and Pensions are introducing changes to job seeking called ‘Universal Jobmatch’ and ‘Universal Credit’. Consent.me.uk explains the massive privacy impact of these new measures.

By late Autumn the Government's Department of Work and Pensions plans to introduce a new Universal Jobmatch website for anyone seeking a job. The US company commissioned to deliver this service is Monster Worldwide, an online recruitment and technology service company infamous for numerous major personal data losses through hacking, including the US equivalent of Universal Jobmatch, usajobs.gov.

Millions of part-time workers and unemployed receiving welfare benefits will be mandated to register, thereby bypassing all semblance of consent[i], letting Jobcentre staff and external contractors have full access to all of their user activities, including reading correspondence with employers, viewing full content of CV's, pending and submitted job applications, jobsearches done and saved, feedback from employers, interviews offered and personal profiles. Jobcentre staff will also be able to attach job vacancy details to a user’s account, which they must apply for.

All of this is being driven by the plan to make all welfare benefit and related services digital by default and mandated for under the Welfare Reform Act (2012), coupled with the introduction of Universal Credit. These welfare reforms come with unprecedented coercive powers, such as “claimant commitments”, including the core mandatory requirement to give evidence of spending a whopping 35 hours per week[ii] doing Jobsearch activities, with non-compliance leading to loss of welfare payments through sanctions of up to 3 years[iii] and or the imposition of mandatory unpaid work(fare)[iv], for showing a lack of effort. Based on the evidence we believe that the unemployed and part time workers[v] receiving welfare benefits will be mandated to register.

This snoopers’ charter of a service will be integrated with many central, local government and private sector databases, covering wages paid, hours worked, credit ratings, electoral role and tax liability to name a few.

What about privacy and consent?

Under current Jobcentre rules and practice for welfare benefit recipients, specifically for Jobseekers Allowance, they are only required to show (not be collected) a record of jobseeking activities, which can just be a short diary account of jobs applied for and jobseeking activities undertaken to find employment.

Currently the collection and retention of actual correspondence with employers, job applications, emails, personal email addresses and telephone numbers requires informed consent and as such can be declined without consequence. However there is evidence that many of the Government's external contractors are subverting informed consent and forcing the sharing of such personal data by unlawful threats of benefit sanctions:

“Claimants [were] bullied into signing an agreement to supply prospective employers’ details, for the provider to claim a job outcome payment.”

Whilst some may say this level of privacy invasion is proportionate with regards the conditionality of welfare benefits, but this does not address the level of free no cost access to initially anonymised personal data purely on the pre-text of being an employer. Even though candidates can choose if they do want to release their full CV or complete a standard job application form, people claiming Jobseekers Allowance or Universal Credit will have a mandatory tracked sanctionable obligation to apply for any employer inviting them to apply. The contract documents indicate the only basic verification needed to open an employer’s account will be a landline or mobile phone number and a verified post code.

Privacy impact?

As no dedicated privacy impact assessment has been undertaken for Universal Jobmatch it is difficult not to conclude it will contravene the Data Protection Act in terms of consent and engage the Human Rights Act (ECHR Article 8) principle that “Everyone has the right to respect for his private and family life, his home and his correspondence.” Nor has anything been published about how the technology will be used, by the Government and external contractors, to view the activities of people not claiming any welfare benefits.

A quick insight into the likely privacy impact, for all users of Universa Jobmatch can be found on the Monster commissioned website usajobs.gov, under its Terms and Conditions and curiously not its Privacy Policy it says:

“All access or use of this system constitutes user understanding and acceptance of these terms and constitutes unconditional consent to review, monitoring and action by all authorized government and law enforcement personnel. While using this system your use may be monitored, recorded and subject to audit. ”

consent.me.uk was developed to address reported exploitative bullying practices of external DWP Welfare to Work(fare) Contractors/Providers and inform people of their Data Protection rights of consent and more general welfare rights. The author wished to remain anonymous.

[iv]Mandatory Work Activity aka Workfare, is a month’s full time unpaid work, whilst Jobseekers Allowance is paid."It helps them re-engage with the system, refocus their job search and gain work-related disciplines. Failure to complete a Mandatory Work Activity placement without good cause will result in the sanction of Jobseeker's Allowance for three months. This will rise to six months for a second breach. From later in 2012 a three year fixed sanction will apply for a third violation."

Tags

Share this article

Comments

Comments (16)

This is an absolute disgrace! How on earth is this going to be legal/lawful? No one can be forced into giving up their Data Protection Act rights!!. So what are the government saying - that once somebody is claiming benefits the DPA no longer applies? How can forced consent under the threat of destitution be considered to be freely given consent? It's despicable, and i think any lawyer worth their salt would have a field day with this.

Whilst the DWP may claim that there is no direct relationship to benefit claims, once the claim is active this jobsearch service looks set to be mandatory. Even if an individual adviser does not have user permission to access a users account activity unless they agree, voluntarily or via a mandatory obligation, the user data is being disclosed to the Government and it seems highly unlikely that the full content of a users account will not be monitored or used to audit the veracity of benefit claims, or for that matter all sorts of other Government services/intervention. Of course access to user data can be to a myriad of organisations that surveil the public under RIPA http://bit.ly/sCdBW+ or for other law enforcement related investigations.

I am already on the work programme, I care for two disabled children. If I am mandated/threatened with sanctions to sign up to this, which is clearly in breach of the Data Protection Act, I will seek legal advice. I suggest everyone does the same.

Worse Case Scenario : If those in receipt of Job Seekers Allowance are forced to use Universal Jobmatch, then after the Data Protection Issues have been ironed out (ie I will not currently use a system which implicitly assumes that Data Protection Rights are waived) I for one will simply use the system a minimum number of times to address the Job Seekers Agreement. Say to apply for 3 jobs per week.

It will save the need to telephone Job Centre Plus Jo Seekers Direct once a week, and involve myself with Job Centre Call Centre Clerks who delude themselves with the belief that they are employed as Recruitment Consultants.

@Eowyn Rohan
If a telephone helpline exists, then they could be called for an employers contact details and the job application made direct, dispensing with Jobmatch. However, your limited use would still mean creating a personal profile and CV for distribution via those 3 applications. Currently there is no sanction based obligation to use Jobcentre+ Job broking CV sharing services. Once anyone uploads their CV, it could well become accessible to Welfare to Work providers, who may share it without further permission. Plus an adviser also has the facility to attach a vacancy to anyone's account, implying it must be applied for. Employers will also be able to invite applications. It is probable any future equivalent to a Jobseekers Agreement with be written in more open ended ways and be less prescriptive. Especially as Jobsearch looks like becoming a mandatory 35hr a week benefit condition.

Absolutely - Universal Jobmatch may be dispensed with. I doubt very much whether Universal Jobmatch will cover even a small portion of the available market place for jobs listing... it will come into conflict with other jobs boards, devised by agencies, and by employers who made have a heavy investment in kit. Interoperability is going to be a big issue, which will never be ironed out in the short term, and as for systems.... I doubt whether Universal Jobmatch is compliant with all existing browser, and as soon as a new system and/.or browser is introduced, technical difficulties will be manifest.

I havent used Internet Explorer for years - not simply due to it being antiquated, but in terms of Apple - you cannot get above IE version 5.0.

In terms of the practicalities.... I assume that a legal agency will be working on a case which cites the need to address Data Protection Legislation as a precursor towards implementing the system for practical use, and force a Judicial Review.

The contract docs talk about getting agreement from other recruitment website's to 'scrape' them and to auto import vacancies into Jobmatch. It would be helpful if once logged on all employers contact details could be viewed, allowing job applications to be direct. The Equality Act (2010) also imposes a duty to facilitate alternative non online based ways to make jobs applications.

A key problem could quickly develop when specific vacancies can only be applied for via Jobmatch, which is how Monster developed http://www.usajobs.gov works. Plus the contract docs discuss a facility that would allow employers to search profiles* and only invite matches to apply.

I think the term "Hasn't been thought through" (or Omnishambles) is an accurate assessment. However, aside from that, a fundamental problem in the matching process resides in the competence of whomsoever is assigned to match candidate profile to vacancy.

For example - if We take a low level job, such as Web Development. A candidate may be subsequently matched to this vacancy, they may be interviewed, but at the interview, it transpires that the candidate may only possess experience in Apache, MySQL and PHP whereas the employer was looking for ASP.NET.

Of course, if the system is as open as conjectured, and candidates have no authority to restrict applications (implicitly accepting that anyone may access the system and review candidate profiles), there is nothing to stop unauthorised parties conducting a fishing expedition with the aim of accruing as many CV's as possible (a common issue with Job Centre Plus where Agency Vacancies may be fictitious), and even leading to ID Fraud.

It might be worth looking into, for everyone adding a disclaimer onto all information submitted to the Jobmatch website.

Something like:

Disclaimer: This email and any files transmitted with it are confidential and intended solely for the use of the individual to whom they are addressed. I do not consent or authorise for any of the information supplied within this email to be disclosed, shared or any feedback to be given to any Third Party without my prior agreement. For example: To the Department of Work & Pensions, Jobcentre Plus or any other organisations.

I tried the beta of the new .gov site to search, trade = Software Test Engineer, all jobs found = Software Developer, absolute and complete rubbish and if I was ever placed in the position of using this service I would tell them that quite bluntly!

@Eowyn Rohan
Understand employers will only be informed of anonymous potential candidate matches, it will be for the candidate to consider if they want to share their CV or submit a standard application, if the employer invites them to apply or they see an open advert.

It's worrying that, despite data protection rules, these rules seem to be openly flaunted and manipulated by the govt. for this new scheme. The scheme iself once again shows a complete lack of understanding of how the job market actually operates - especially in times of double dip recession. Proof, if anymore were needed, that DWP policies are designed to humiliate and punish those deemed low enough to claim benefit. If I ever end up on such a scheme I hope I can find a way to challenge it through the courts as I doubt the usual complaint process will make much difference.

I'm not really surprised that the Government wants to control an unemployed person's personal data. As added to the recent news that they also want to control what an unemployed person spends their benefit money on. It's an absolute disgrace.

The media is reporting today how Universal Jobmatch will be part of the Government's 'National 'virtual ID card' scheme' & 'Twitter and Facebook to be used for benefit applications' and also highlights how the private sector in the form of Banks, PayPal, Facebook, Twitter, Google, AOL could be linked to delivery of DWP Universal Jobmatch/Credit services.

ORG Events

Contact us

Email us

Write for us

ORGzine welcomes contributions. If you are interested in writing a comment on a digital rights issue,
please get in touch

About ORG

The Open Rights Group campaign for digital rights, and defend democracy, transparency and new creative possibilities.
ORGzine is the Open Rights Group digital magazine. The zine is a space for news, opinion, features, and debate over the social,
political and legal issues associated with digital rights.